Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2023-1315)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:0828-1 Security update for glib2

This update for glib2 fixes the following issues: - CVE-2021-3800: Fixed a file content leak in pkexec due to charset aliases bsc1191489...

Security Bulletin: App Connect Professional is affected by polkit's pkexec vulnerability

Summary App Connect Professional have addressed the following vulnerability reported in polkit's pkexec. Vulnerability Details CVEID:CVE-2021-4034 DESCRIPTION: Polkit could allow a local authenticated attacker to gain elevated privileges on the system, caused by incorrect handling of the argument...

Advisory ROSA-SA-2022-2013

Software: polkit 0.112 OS: rosa-server79 packageevrstring: polkit-0.112-26 CVE-ID: CVE-2021-4034 BDU-ID: 2022-00488 CVE-Crit: HIGH CVE-DESC: There is an issue in pkexec that causes it to not check the number of arguments, assuming that it will always be at least 1 and that the second value is equ...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 A local privilege escalation vulnerability was f...

Polkit pkexec privilege elevation

Added: 01/27/2022 CVE: CVE-2021-4034 Background Polkit is a Linux package for handling policies that allow unprivileged processes to communicate with privileged processes. It includes a tool called pkexec that allows the user to execute commands as another user according to the polkit policy...

Polkit pkexec Local Privilege Escalation Exploit

/ Proof of Concept for PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec CVE-2021-4034 by Andris Raugulis Advisory:...

Polkit pkexec Local Privilege Escalation Vulnerability

pwnkit: Local Privilege Escalation in polkit's pkexec CVE-2021-4034 ======================================================================== Contents ======================================================================== Summary Analysis Exploitation Acknowledgments Timeline...

CVE-2016-2568

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...

CVE-2016-2568

pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer...

Red Hat PolicyKit pkexec Command Execution Vulnerability

Red Hat PolicyKit is a tool from Red Hat for privilege control of applications on Unix-compatible systems. A security vulnerability exists in the pkexec command in Red Hat PolicyKit 0.113 and earlier versions. An attacker could exploit the vulnerability to execute arbitrary commands with user...

CVE-2011-1485

Race condition in the pkexec utility and polkitd daemon in PolicyKit aka polkit 0.96 allows local users to gain privileges by executing a setuid program from pkexec, related to the use of the effective user ID instead of the real user ID...